Exam FCP_FGT_AD-7.4 Topic 3 Question 33 Discussion

Actual exam question for Fortinet's FCP_FGT_AD-7.4 exam
Question #: 33
Topic #: 3
View the exhibit.
date=2022-06-14 time=14:45:16 logid=0317013312 type=utm subtype=webfilter eventtype=ftgd_allow level=notice vd="root" policyid=2 identidx=1 sessionid=31232959 user="anonymous" group="ldap_users" srcip=192.168.1.24 srcport=63355 srcintf="port2" dstip=66.171.121.44 dstport=80 dstintf="port1" service="http" hostname="www.fortinet.com" profiletype="Webfilter_Profile" profile="default" status="passthrough" reqtype="direct" url="/" sentbyte=304 rcvdbyte=60135 msg="URL belongs to an allowed category in policy" method=domain class=0 cat=140 catdesc="custom1"

What two things does this raw log indicate? (Choose two.)

Suggested Answer: A,C

The raw log indicates the following:
A. FortiGate allowed the traffic to pass.
The "status" field is set to "passthrough," which means the traffic was allowed to pass.
C. The traffic matches the webfilter profile on firewall policy ID 2.
The "policyid" field is set to 2, indicating that the traffic matches the firewall policy with ID 2. The "profiletype" and "profile" fields specify that the traffic matches the Webfilter profile named "default."
The other options are not supported by the information in the raw log:
B is incorrect because the log does not provide information about the IP address of www.fortinet.com; it indicates the destination IP address as 66.171.121.44.
D is incorrect because the log indicates that the traffic originated from 192.168.1.24, not 66.171.121.44.
So, the correct choices are A and C.

by Montague at Apr 25, 2025, 04:27 PM
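
As an added example (not part of the original answer and not Fortinet's own tooling), the Python below parses the exhibit's key=value line and extracts the fields the explanation reads. The function names, the `REQUIRED` list and the summary keys are assumptions made for illustration.

```python
import re

# Exhibit log line from the question, copied verbatim.
RAW_LOG = (
    'date=2022-06-14 time=14:45:16 logid=0317013312 type=utm subtype=webfilter '
    'eventtype=ftgd_allow level=notice vd="root" policyid=2 identidx=1 '
    'sessionid=31232959 user="anonymous" group="ldap_users" srcip=192.168.1.24 '
    'srcport=63355 srcintf="port2" dstip=66.171.121.44 dstport=80 dstintf="port1" '
    'service="http" hostname="www.fortinet.com" profiletype="Webfilter_Profile" '
    'profile="default" status="passthrough" reqtype="direct" url="/" sentbyte=304 '
    'rcvdbyte=60135 msg="URL belongs to an allowed category in policy" '
    'method=domain class=0 cat=140 catdesc="custom1"'
)

# key=value pairs: a value is either double-quoted (may contain spaces) or bare.
_PAIR = re.compile(r'(?:^|\s)(\w+)=(?:"([^"]*)"|(\S*))')

# Fields the summary cannot be built without (illustrative choice).
REQUIRED = ("status", "policyid", "profile", "srcip", "srcport", "dstip", "dstport")


def parse_raw_log(line):
    """Split a raw log line into a dict of field name -> string value."""
    return {key: quoted or bare for key, quoted, bare in _PAIR.findall(line)}


def summarize(fields):
    """Pull out the fields the answer explanation reads."""
    missing = [name for name in REQUIRED if name not in fields]
    if missing:
        raise ValueError(f"log line lacks fields: {', '.join(missing)}")
    return {
        # The explanation reads status="passthrough" as traffic allowed to pass.
        "allowed": fields["status"] == "passthrough",
        "policy_id": int(fields["policyid"]),
        "profile": fields["profile"],
        "profile_type": fields.get("profiletype"),
        # srcip/srcport is the side that originated the request.
        "client": f'{fields["srcip"]}:{fields["srcport"]}',
        "server": f'{fields["dstip"]}:{fields["dstport"]}',
        "hostname": fields.get("hostname"),
    }


if __name__ == "__main__":
    print(summarize(parse_raw_log(RAW_LOG)))
```
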
